- name: check/create instance
  hosts: lists-dev.cloud.fedoraproject.org
  user: root
  gather_facts: False

  vars_files: 
  - /srv/web/infra/ansible/vars/global.yml
  - "{{ private }}/vars.yml"

  tasks:
  - include: "{{ tasks }}/persistent_cloud.yml"

- name: provisions basics onto system/setup paths
  hosts: lists-dev.cloud.fedoraproject.org
  user: root
  gather_facts: True

  vars_files: 
  - /srv/web/infra/ansible/vars/global.yml
  - "{{ private }}/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  vars:
  - mailman_vardir: /srv/persist/mailman

  roles:
  - sudo
  - hosts

  tasks:
  - include: "{{ tasks }}/cloud_setup_basic.yml"
  - include: "{{ tasks }}/postfix_basic.yml"
  - include: "{{ tasks }}/yumrepos.yml"
  - include: "{{ tasks }}/motd.yml"
  - include: "{{ tasks }}/apache.yml"
  - include: "{{ tasks }}/mod_wsgi.yml"

  - name: mount up disk of persistent storage
    action: mount name=/srv/persist src='LABEL=lists-dev' fstype=ext4 state=mounted

  - name: selinux status
    selinux: policy=targeted state=enforcing

  # /srv/persist
  - name: mount up bind mount for postgres
    action: mount src=/srv/persist/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted
  - name: mount up bind mount for mailman
    action: mount src=/srv/persist/mailman name=/var/lib/mailman3 fstype=auto opts=bind state=mounted

  - name: get the repo file
    get_url: url=http://repos.fedorapeople.org/repos/abompard/hyperkitty/hyperkitty.repo
             dest=/etc/yum.repos.d/hyperkitty.repo mode=0444

  # open up ports (22, 80, 443, 25)
  - name: poke holes in the firewall
    command: lokkit {{ item }}
    with_items:
    - --service=ssh
    - --service=https
    - --service=http
    - --service=smtp

  # Database
  - name: initialize postgresql
    command: /usr/bin/postgresql-setup initdb
             creates=/var/lib/pgsql/data/postgresql.conf
  - name: copy pg_hba.conf
    copy: src="{{ files }}/lists-dev/pg_hba.conf" dest=/var/lib/pgsql/data/pg_hba.conf
          owner=postgres group=postgres
    notify:
    - restart postgresql
  - name: start postgresql
    service: state=started name=postgresql

  handlers:
  - include: "{{ handlers }}/restart_services.yml"
  - name: restart postgresql
    service: name=postgresql state=restarted



- name: setup db users/passwords for hyperkitty
  hosts: hyperkitty-stg
  gather_facts: no
  sudo: yes
  sudo_user: postgres
  vars_files: 
  - /srv/web/infra/ansible/vars/global.yml
  - "{{ private }}/vars.yml"
  - "{{ vars_path }}/{{ ansible_distribution }}.yml"
  vars:
  - mailman_vardir: /srv/persist/mailman


  tasks:
  # mailman auto-updates its schema, there can only be one admin user
  - name: mailman DB user
    postgresql_user: name=mailmanadmin password={{ lists_dev_mm_db_pass }}
  - name: hyperkitty DB admin user
    postgresql_user: name=hyperkittyadmin password={{ lists_dev_hk_db_pass }}
  - name: hyperkitty DB user
    postgresql_user: name=hyperkittyapp password={{ lists_dev_hk_db_pass }}
  - name: kittystore DB admin user
    postgresql_user: name=kittystoreadmin password={{ lists_dev_ks_db_pass }}
  - name: kittystore DB user
    postgresql_user: name=kittystoreapp password={{ lists_dev_ks_db_pass }}
  - name: databases creation
    postgresql_db: name={{ item }} owner="{{ item }}admin" encoding=UTF-8
    with_items:
    - mailman
    - hyperkitty
    - kittystore

- name: setup mailman and hyperkitty
  hosts: hyperkitty-stg
  gather_facts: no
  vars_files: 
  - /srv/web/infra/ansible/vars/global.yml
  - "{{ private }}/vars.yml"
  - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - role: mailman
    mailman_dbserver: localhost
    mailman_mm_db_pass: "{{ lists_dev_mm_db_pass }}"
    mailman_hk_admin_db_pass: "{{ lists_dev_hk_db_pass }}"
    mailman_hk_db_pass: "{{ lists_dev_hk_db_pass }}"
    mailman_ks_admin_db_pass: "{{ lists_dev_ks_db_pass }}"
    mailman_ks_db_pass: "{{ lists_dev_ks_db_pass }}"
  - collectd/base

  tasks:

  - name: install more needed packages
    yum: pkg={{ item }} state=installed
    with_items:
    - tar
    - mailman # transition from mailman2.1
    - vim
    - tmux
    - patch
    tags:
    - packages

  #- name: easy access to the postgresql databases
  #  template: src="{{ files }}/lists-dev/pgpass.j2" dest=/root/.pgpass
  #            owner=root group=root mode=0600

  - name: send root mail to abompard
    lineinfile: dest=/etc/aliases regexp='^root:' line="root:abompard@fedoraproject.org"
    notify:
    - reload aliases


  # Start services
  - name: start services
    service: state=started enabled=yes name={{ item }}
    with_items:
    - httpd
    - postgresql
    - mailman3
    - postfix


  handlers:
  - include: "{{ handlers }}/restart_services.yml"
  - name: reload aliases
    command: newaliases 
